I had multiple requests if CloudForms is able to provision containers via self service to the Red Hat OpenShift container platform. I liked the idea as you can not expect from every developer in your company to know how to create templates or build configs. I will walk you through, step by step how this can be achieved with CloudForms and it’s native integration into Ansible Tower.

Step 1 Create a new project in Ansible Tower and add https://github.com/ldomb/ansible_tower_roles as the giturl this will download the role / playbook which I wrote to prove the above case.

Step 2 I assume that you already have an inventory added to your tower instance. Let’s create the Job Template so we can launch containers / pod in OpenShift. Add the following values to the job template

Do not forget to check to box Prompt on launch and save tho job template

Step 4 Login to CloudForms and go to the tab configuration management -> Ansible Job Templates. You should see the following. Generate a catalog item from the octools template and name it ose_sti.

Step 5 Then go to Automate -> Customization -> Service Dialogs and click on the ose_sti catalog item. For this example we can delete some of the fields as they are not needed for source to image. Make sure your catalog item has the same fields as I am showing in the picture below.

Step 6 Set the STI value to true as I am filtering for it in the ansible playbook. This field is read only.

Step 7 For autoscale create a radio button with the values true or false. If you set it to true it will automatically create a horizontal pod autoscaler based on cpu load.

Step 8 The Limit for the job needs to be read only as well. I choose it to be the master as the master has the oc tools installed.

Step 9 For my OpenShift installation I am using basic auth. For this demo to work you need create a user in OpenShift matching the user loggedin in CloudForms.

Login to your openshift master and add a user to the htpasswd file

$ sudo htpasswd /etc/origin/htpasswd username

Remember the password.

Step 10 Go back to CloudForms. For the username field I’ve created a new method based on Kevin Moreys CloudForms Dropdown list https://github.com/ramrexx/CloudForms_Essentials in CloudForms_Essentials -> Integration -> RedHat -> CloudForms -> Dynamic dialog -> get_loggedin_user

dialog_hash = {}

users = $evm.vmdb(:user).all

users.each do |u|
if u.id == $evm.root[‘user’].id
dialog_hash[u.userid] = “#{u.userid}”
end
end

Step 11 Wire the field to be a dynamic dropdown and add the following values.

Step 12 The password field needs to be protected and match the one you’ve create with htpasswd on OpenShift. In reality you would have connected your CloudForms appliance and OpenShift to LDAP and grabbed the encrypted password from CloudForms instead of entering it.

Step 13 For the email address I used another method in the CloudForms essentials domain as I want to send an email to the developer once his application is deployed. Create new method called get_loggedin_user_email

dialog_hash = {}

users = $evm.vmdb(:user).all

users.each do |u|
if u.id == $evm.root[‘user’].id
dialog_hash[u.email] = “#{u.email}” if u.email
end
end

Step 14 To be able to send a user a customized email message I copied the ConfigurationManagement->AnsibleTower->Service->Provisioning->Email->ServiceProvision_Complete instance and its method ServiceProvision_Complete and renamed the method to ServiceProvision_Complete_OSE. Your instance should look like this.

Step 15 Create the email method ServiceProvision_Complete_OSE and add the following content